crowdstrike launch

Beyond Identity and CrowdStrike Integration: Advanced Attack Prevention and a Strong Zero Trust Foundation

Categories: Product

Most of us have been implementing Zero Trust for a long while and most of our customers are already on the journey to formalize their architecture and are moving forward with their Zero Trust plan to get there. We’re on that journey too, and our incredible engineering team has built out a powerful new integration with CrowdStrike that we think you will love. Spoiler alert: It's a great base layer for your Zero Trust architecture, but more importantly, it can really help protect you by mitigating key vulnerabilities that exist in your current attack surface.

Recently, our engineering team dropped a deep technical integration with the CrowdStrike Falcon® platform. The combination of Beyond Identity’s advanced, passwordless MFA and CrowdStrike Falcon’s leading endpoint protection stops the two prevalent sources of ransomware and account takeover attacks—passwords and compromised endpoints. 

You can’t achieve Zero Trust if you can’t strongly authenticate users and ensure endpoint devices are secure. Unfortunately, legacy multi-factor authentication (MFA) is easily phishable at scale and does nothing to ensure that endpoints are adequately protected before granting access. 

Thus far, unifying endpoint detection and response (EDR),identity and access management (IAM) and MFA products seamlessly has traditionally been challenging. Far too often, MFA is solely focused on "who" is gaining access, but "what" is gaining access has mistakenly been left out of this equation and should not be viewed as a separate set of risk signals. That is where the Beyond Identity integration with CrowdStrike comes in. It bridges this gap between identities and endpoints with comprehensive context to meaningfully reduce the attack surface and significantly raise the cost for adversaries. Organizations can now have the highest degree of assurance around who and what is gaining access.

The integration also provides a foundational layer for Zero Trust—enabling an extremely high-trust method of authenticating users (employees, contractors, and consultants). By ensuring users can only gain access from endpoint devices that meet security policy requirements and that have a clean bill of health from both Beyond Identity and CrowdStrike, organizations can ensure dynamic protection and layered defense.

Integration highlights:

  • Leverage the CrowdStrike Falcon Zero Trust (ZTA) Risk Score: Easily check for the Falcon ZTA score  in the Beyond Identity policy engine and permit users logging in from devices that have met the acceptable score. In addition, the integration enables organizations to fail authentication transactions and alert the security operations center (SOC) for devices that CrowdStrike deems as too risky. By integrating the Falcon ZTA score with additional device security and user behavior checks FROM Beyond Identity’s authenticator collection and advanced policy engine, you get comprehensive context and visibility. 
  • Quarantine risky devices: Beyond Identity’s continuous authentication capability evaluates user behavior and device security posture during the authentication transaction and beyond. It can recheck each user and device by running assessments at 10-minute intervals. If the device goes out of compliance security policy—for example, a user turns off the firewall or disables the device PIN or biometric—the Beyond Identity cloud-based policy engine can initiate an API call to CrowdStrike to quarantine the device, speeding up time-to-respond.

Beyond Identity’s integration with the Falcon platform helps to stop two most often-employed initial attack vectors—compromised passwords and compromised devices—that are well documented in the annual Verizon Data Breach Investigation Report and enumerated in the MITRE ATT&CK framework.  

You can see it in action here.

And you can see just how easy it is to configure this deep integration here: 

Beyond Identity’s unphishable, passwordless MFA is the critical first step in achieving a Zero Trust security strategy. Combining the power of Beyond Identity with CrowdStrike’s market-leading cybersecurity platform takes Zero Trust to the next level. The integrated solution is available today.